469,330 Members | 1,349 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,330 developers. It's quick & easy.

Check if user is authenticated

Hello,

How to I check if a user is authenticated and if it is what is its
role?

I am using Asp.Net 2.0 and forms authentication.

Thanks,

Miguel

Dec 7 '06 #1
3 4418
Use attributes on your classes and/or methods. You need something like
this:

[PrincipalPermissionAttribute(SecurityAction::Deman d,

Authenticated=True,
Role="Progdir")]

The Visual Studio help puts it like this:

__________________________________________________ _____________________________________
PrincipalPermissionAttribute can be used to declaratively demand that users
running your code belong to a specified role or have been authenticated. Use
of Unrestricted creates a PrincipalPermission with Authenticated set to true
and Name and Role set to a null reference (Nothing in Visual Basic).

The scope of the declaration that is allowed depends on the SecurityAction
that is used. PrincipalPermissionAttribute cannot be applied at the assembly
level.

The security information declared by a security attribute is stored in the
metadata of the attribute target and is accessed by the system at run time.
Security attributes are used only for declarative security. For imperative
security, use the corresponding permission class.

Important Prior to a demand for principal permission it is necessary to
set the current application domain's principal policy to the enumeration
value WindowsPrincipal. By default, the principal policy is set to
UnauthenticatedPrincipal. If you do not set the principal policy to
WindowsPrincipal, a demand for principal permission will fail. The following
code should be executed before the principal permission is demanded:
AppDomain.CurrentDomain.SetPrincipalPolicy(Princip alPolicy.WindowsPrincipal).

Example
The following example demonstrates how PrincipalPermission can be used
declaratively to demand that the current user is Bob and belongs to the
Supervisor role.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Name := "Bob", Role := "Supervisor")Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Name="Bob",
Role="Supervisor")]

C++ Copy Code
[PrincipalPermissionAttribute(SecurityAction::Deman d,Name="Bob",
Role="Supervisor")]

J# Copy Code
/** @attribute PrincipalPermissionAttribute(SecurityAction.Demand ,
Name = "Bob", Role = "Supervisor")
*/
The following example demonstrates how to demand that the current user's
identity is Bob, regardless of role membership.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Name := "Bob")Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Name="Bob")]

C++ Copy Code
[PrincipalPermissionAttribute(SecurityAction::Deman d,Name="Bob")]

J# Copy Code
/** @attribute PrincipalPermissionAttribute(SecurityAction.Demand , Name =
"Bob")
*/
The following example demonstrates how to demand only that the user is
authenticated.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Authenticated := True)Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Authenticated=true)]
__________________________________________________ ____________________________________

HTH
Peter
"shapper" <md*****@gmail.comwrote in message
news:11**********************@16g2000cwy.googlegro ups.com...
Hello,

How to I check if a user is authenticated and if it is what is its
role?

I am using Asp.Net 2.0 and forms authentication.

Thanks,

Miguel



Dec 7 '06 #2
Sorry. Got my syntax screwed up in my first statement. Ignore what I've
said and stick to what's in the quotation from the help files.
Peter

"Peter Bradley" <pb******@uwic.ac.ukwrote in message
news:uo**************@TK2MSFTNGP02.phx.gbl...
Use attributes on your classes and/or methods. You need something like
this:

[PrincipalPermissionAttribute(SecurityAction::Deman d,

Authenticated=True,
Role="Progdir")]

The Visual Studio help puts it like this:

__________________________________________________ _____________________________________
PrincipalPermissionAttribute can be used to declaratively demand that
users running your code belong to a specified role or have been
authenticated. Use of Unrestricted creates a PrincipalPermission with
Authenticated set to true and Name and Role set to a null reference
(Nothing in Visual Basic).

The scope of the declaration that is allowed depends on the SecurityAction
that is used. PrincipalPermissionAttribute cannot be applied at the
assembly level.

The security information declared by a security attribute is stored in the
metadata of the attribute target and is accessed by the system at run
time. Security attributes are used only for declarative security. For
imperative security, use the corresponding permission class.

Important Prior to a demand for principal permission it is necessary to
set the current application domain's principal policy to the enumeration
value WindowsPrincipal. By default, the principal policy is set to
UnauthenticatedPrincipal. If you do not set the principal policy to
WindowsPrincipal, a demand for principal permission will fail. The
following code should be executed before the principal permission is
demanded:
AppDomain.CurrentDomain.SetPrincipalPolicy(Princip alPolicy.WindowsPrincipal).

Example
The following example demonstrates how PrincipalPermission can be used
declaratively to demand that the current user is Bob and belongs to the
Supervisor role.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Name := "Bob", Role := "Supervisor")Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Name="Bob",
Role="Supervisor")]

C++ Copy Code
[PrincipalPermissionAttribute(SecurityAction::Deman d,Name="Bob",
Role="Supervisor")]

J# Copy Code
/** @attribute PrincipalPermissionAttribute(SecurityAction.Demand ,
Name = "Bob", Role = "Supervisor")
*/
The following example demonstrates how to demand that the current user's
identity is Bob, regardless of role membership.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Name := "Bob")Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Name="Bob")]

C++ Copy Code
[PrincipalPermissionAttribute(SecurityAction::Deman d,Name="Bob")]

J# Copy Code
/** @attribute PrincipalPermissionAttribute(SecurityAction.Demand , Name =
"Bob")
*/
The following example demonstrates how to demand only that the user is
authenticated.

Visual Basic Copy Code
<PrincipalPermissionAttribute(SecurityAction.Deman d, _
Authenticated := True)Public Class SampleClass

C# Copy Code
[PrincipalPermissionAttribute(SecurityAction.Demand , Authenticated=true)]
__________________________________________________ ____________________________________

HTH
Peter
"shapper" <md*****@gmail.comwrote in message
news:11**********************@16g2000cwy.googlegro ups.com...
>Hello,

How to I check if a user is authenticated and if it is what is its
role?

I am using Asp.Net 2.0 and forms authentication.

Thanks,

Miguel



Dec 7 '06 #3
I taught as much that would do the trick also as Peter adviced.
Patrick

"Peter Bromberg [C# MVP]" <pb*******@yahoo.nospammin.comwrote in message
news:08**********************************@microsof t.com...
try User.IsAuthenticated, and User.IsInRoke("rolename").
Depending on whether you are using Membership, there are a lot of other
built-in methods.
Peter

--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com


"shapper" wrote:
Hello,

How to I check if a user is authenticated and if it is what is its
role?

I am using Asp.Net 2.0 and forms authentication.

Thanks,

Miguel

Dec 7 '06 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

4 posts views Thread by Georg Vassilopulos | last post: by
4 posts views Thread by ad | last post: by
1 post views Thread by Grey | last post: by
1 post views Thread by Wijit Sattayaporn | last post: by
5 posts views Thread by Shimon Sim | last post: by
3 posts views Thread by shapper | last post: by
4 posts views Thread by shapper | last post: by
reply views Thread by haryvincent176 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.